Tag: browser
-
Chrome 133, Firefox 135 Patch High-Severity Vulnerabilities
Chrome 133 and Firefox 135 were released with patches for multiple high-severity memory safety vulnerabilities. The post Chrome 133, Firefox 135 Patch High-Severity Vulnerabilities appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/chrome-133-firefox-135-patch-high-severity-vulnerabilities/
-
New ValleyRAT Malware Variant Spreading via Fake Chrome Downloads
Morphisec uncovers a new ValleyRAT malware variant with advanced evasion tactics, multi-stage infection chains, and novel delivery methods… First seen on hackread.com Jump to article: hackread.com/valleyrat-malware-variant-fake-chrome-downloads/
-
FleshStealer: A new Infostealer Attacking Chrome Mozilla Users
A newly identified strain of information-stealing malware, FleshStealer, is making headlines in 2025 due to its advanced evasion techniques and targeted data extraction capabilities. Flashpoint analysts have shed light on its operation, revealing a sophisticated tool that poses significant risk to organizations worldwide. Designed to bypass traditional defenses and target sensitive data, FleshStealer is emerging…
-
SLAP, Apple, and FLOP: Safari, Chrome at risk of data theft on iPhone, Mac, iPad Silicon
It’s another cousin of Spectre, here to read your email, browsing history, and more First seen on theregister.com Jump to article: www.theregister.com/2025/01/29/flop_and_slap_attacks_apple_silicon/
-
Google to kill Chrome Sync on older Chrome browser versions
Google announced that the Chrome Sync feature will be discontinued in early 2025 for Chrome versions older than four years. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/google/google-to-kill-chrome-sync-on-older-chrome-browser-versions/
-
Chrome Security Update Patch for 3 High-Severity Vulnerabilities
Google has released a critical update for the Chrome browser, addressing three high-severity security vulnerabilities. This patch, part of the latest Stable channel release, ensures users remain protected from potential threats. The new version rolled out progressively, underscores Chrome’s commitment to providing a secure browsing environment. Users are urged to update their browsers promptly to…
-
Google launches customizable Web Store for Enterprise extensions
Google has officially launched its Chrome Web Store for Enterprises, allowing organizations to create a curated list of extensions that can be installed in employees’ web browsers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/google/google-launches-customizable-web-store-for-enterprise-extensions/
-
New Supply Chain Attack Targeting Chrome Extensions to Inject Malicious Code
A sophisticated supply chain attack targeting Chrome browser extensions has come to light, potentially compromising hundreds of thousands of users. The attack, which unfolded in December 2024, involved phishing campaigns aimed at extension developers and the injection of malicious code into legitimate Chrome extensions. Sensitive user data, including API keys, session cookies, and authentication tokens…
-
Supply chain attack hits Chrome extensions, could expose millions
Threat actor exploited phishing and OAuth abuse to inject malicious code First seen on theregister.com Jump to article: www.theregister.com/2025/01/22/supply_chain_attack_chrome_extension/
-
Spooks of the internet came alive this Halloween
Halloween 2024 made history with a massive spike in distributed denial of service (DDoS) attacks, with one particular assault reaching over 5 Terabits-per-second (Tbps) worth of phony traffic.In its quarterly analysis of DDoS attacks, Cloudflare reported a surge in hyper-volumetric attacks in the fourth quarter of 2024.”In the fourth quarter, over 420 of those attacks…
-
Kompromittierte Chrome-Extensions als Gefahr
Ich stelle mal ein nicht mehr so ganz neues Problem hier im Beitrag zur Diskussion. Manche Leute verwenden ja recht heftig sogenannte Browser-Extensions. Die bieten Zusatzfunktionen, setzen Nutzer aber der Gefahr aus, dass plötzlich Schadfunktionen über kompromittierte Extensions in den … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/01/22/kompromittierte-chrome-extensions-als-gefahr/
-
Weaponized VS Code Impersonate Zoom App Steals Cookies From Chrome
A newly identified extension for Visual Studio Code (VS Code) has been found to impersonate a legitimate Zoom application, enabling cybercriminals to steal sensitive cookies from Google Chrome. This incident marks a significant escalation in the tactics employed by malicious actors to exploit trusted software ecosystems. The Discovery The nefarious extension, uploaded to the VS…
-
Critical Mozilla Vulnerabilities Prompt Urgent Updates for Firefox and Thunderbird Users
Mozilla Firefox and Thunderbird users are facing a series of high-severity vulnerabilities that could leave systems open to exploitation. The Indian Computer Emergency Response Team (CERT-In) issued an advisory on January 20, 2025, highlighting multiple security flaws in Mozilla’s popular browser and email client. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cert-in-reports-mozilla-vulnerabilities/
-
Chrome 132 Patches 16 Vulnerabilities
Google has released Chrome 132 with fixes for 16 vulnerabilities, including multiple high-severity security defects. The post Chrome 132 Patches 16 Vulnerabilities appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/chrome-132-patches-16-vulnerabilities/
-
Chrome Security Update Patch For 16 Vulnerabilities
Google has released a significant security update for its Chrome browser, addressing 16 vulnerabilities in version 132.0.6834.83/84 for Windows, Mac, and Linux platforms. This update, which will be rolled out over the coming days and weeks. While this security update includes several critical fixes and improvements to enhance the security of the web browser. The…
-
Hotel chain ditches Google search for DuckDuckGo, ‘subjected to fraud attempts daily’
Tags: apple, attack, authentication, browser, chrome, cloud, control, cybercrime, cybersecurity, data-breach, fraud, google, jobs, malware, mfa, monitoring, phishing, privacy, ransomware, risk, scam, service, tool, windowsAt the end of 2021, Nordic Choice Hotels, now renamed Strawberry, was hit by a major ransomware attack that paralyzed operations for just over a week. Everything had to be done manually, says Martin Belak, who is responsible for the hotel chain’s technical security.”The receptionists worked with whiteboards to keep track of which rooms were…
-
Malware targets Mac users by using Apple’s security tool
A variant of the Banshee macOS infostealer was seen duping detection systems with new string encryption copied from Apple’s in-house algorithm.A Check Point research, which caught the variant after two months of successful evasion, said threat actors distributed Banshee using phishing websites and fake GitHub repositories, often impersonating popular software like Google Chrome, Telegram, and…
-
Zugriff auf interne Systeme: Forscher hackt Facebook und erhält 100.000 US-Dollar
Durch eine Sicherheitslücke im Chrome-Browser konnte ein Forscher einen Server von Facebook infiltrieren. Meta zahlte ihm eine üppige Belohnung. First seen on golem.de Jump to article: www.golem.de/news/zugriff-auf-interne-systeme-forscher-hackt-facebook-und-erhaelt-100-000-us-dollar-2501-192305.html
-
Here’s how hucksters are manipulating Google to promote shady Chrome extensions
How do you stash 18,000 keywords into a description? Turns out it’s easy. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/01/googles-chrome-web-store-has-a-serious-spam-problem-promoting-shady-extensions/
-
Chrome Security Update Patch for Multiple Security Vulnerabilities
Google has released an update for its Chrome web browser, advancing to version 131.0.6778.264/.265 for Windows and Mac, and 131.0.6778.264 for Linux. This update addresses a series of critical security vulnerabilities and will be rolled out gradually over the coming days and weeks. Users are encouraged to update their browsers to benefit from these vital…
-
Chrome 131, Firefox 134 Updates Patch High-Severity Vulnerabilities
Chrome and Firefox updates released this week resolve high-severity vulnerabilities in the two popular browsers. The post Chrome 131, Firefox 134 Updates Patch High-Severity Vulnerabilities appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/chrome-131-firefox-134-updates-patch-high-severity-vulnerabilities/
-
Webbrowser: Chrome- und Firefox-Updates stopfen teils hochriskante Lücken
Neue Versionen von Google Chrome und Mozilla Firefox schließen Sicherheitslücken in den Webbrowsern. Einige gelten als hochriskant. First seen on heise.de Jump to article: www.heise.de/news/Webbrowser-Chrome-und-Firefox-Updates-stopfen-teils-hochriskante-Luecken-10231176.html
-
Böse Weihnachtsüberraschung: Hacker übernehmen Chrome-Erweiterungen
First seen on t3n.de Jump to article: t3n.de/news/boese-weihnachtsueberraschung-hacker-uebernehmen-chrome-erweiterungen-1665791/
-
Malicious EditThisCookie Extension Attacking Chrome Users to Steal Data
The popular cookie management extension EditThisCookie has been the target of a malicious impersonation. Originally a trusted tool for Chrome users, EditThisCookie allowed users to manage cookie data in their browsers. However, after significant scrutiny, the legitimate version has been removed from the Chrome Web Store, leaving users vulnerable to a fake extension that has…
-
Privacy Roundup: Week 1 of Year 2025
Tags: access, ai, android, apple, authentication, botnet, breach, browser, business, captcha, chrome, compliance, cve, cybersecurity, data, data-breach, detection, email, encryption, exploit, finance, firmware, flaw, google, group, hacker, healthcare, HIPAA, infrastructure, injection, Internet, law, leak, login, malware, open-source, password, phishing, privacy, router, service, software, threat, tool, update, virus, vulnerabilityThis is a news item roundup of privacy or privacy-related news items for 29 DEC 2024 – 4 JAN 2024. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things overlap; for…
-
Google Chrome is making it easier to share specific parts of long PDFs
Google is adding the Text Fragment feature to its PDF reader to make it easier to share specific parts of long PDFs. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/google/google-chrome-is-making-it-easier-to-share-specific-parts-of-long-pdfs/
-
36 Chrome Extensions Compromised in Supply Chain Attack
Developers Listed as Public Contact Points Targeted in Phishing Campaign. A supply chain attack that subverted legitimate Google Chrome browser extensions to inject data-stealing malware is more widespread than security researchers first suspected. So far researchers have identified 36 subverted extensions collectively used by 2.6 million people. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/36-chrome-extensions-compromised-in-supply-chain-attack-a-27207
-
Schädliche Versionen von zahlreichen Chrome-Erweiterungen in Umlauf
Über die Weihnachtstage verschafften sich die Täter Zugriff auf diverse Chrome-Extensions in einigen Fällen sogar schon deutlich früher. First seen on heise.de Jump to article: www.heise.de/news/Nach-Phishing-Angriff-Schaedliche-Erweiterungen-in-Chrome-Web-Store-geschleust-10224745.html